In line with Data Privacy Day this Friday, Facebook announced its rollout of Secure Sockets Layer (SSL) capability for all of its services. Facebook has taken some heat for its lack of SSL support, especially with the release of FireSheep, which we covered here. Facebook does warn that encrypted pages will take slightly longer to load, which is a small price to pay for the added security.
According to the official Facebook post, there should soon be a check box titled Secure Browsing (https) under the Account Security section of Account Settings. This setting specifies that all future connections be redirected to HTTPS. It should be noted that this rollout has just begun and that this option is not yet available to everyone. It may take some time before this option is made available to everyone.
In the absence of the Secure Browsing setting, manually changing the URL to https:// seems to work but with mixed results. The main profile page will successfully load with no problems. Unfortunately, things start to get sketchy from there. Many links are relative and will keep the user in the secure browsing environment. Other links, however, are absolute and remove the protection of SSL. Hopefully, Facebook will fix these issues soon or at least makes it more clear when SSL support is not available.
Facebook also warned that some third-party applications and their own chat functionality currently don’t work if SSL is enabled. Users should be aware of this and take appropriate precautions if they can’t use SSL for those reasons.